一個沒有添加認證的swagger配置類大概長這樣
@Bean
public Docket docket() {
return new Docket(DocumentationType.SWAGGER_2).host(swaggerHost)
.groupName("demo")
.apiInfo(getApiInfo())
.select()
//設置basePackage會將包下的所有被@Api標記類的所有方法作爲api
.apis(RequestHandlerSelectors.basePackage("com.example.web"))
//只有標記了@ApiOperation的方法纔會暴露出給swagger
.apis(RequestHandlerSelectors.withMethodAnnotation(ApiOperation.class))
.paths(PathSelectors.any()).build();
}
如果要添加Basic認證,只需要指定Docket的securitySchemes屬性即可:
增加如下方法:
private List<? extends SecurityScheme> securitySchemes() {
return Arrays.asList(new BasicAuth("Authorization"));
}
在build()後面添加:
.securitySchemes(securitySchemes());
重啓後臺,打開swagger-ui.html,右上角會多一個Authorization按鈕,點擊會出現用戶名和密碼的輸入框。輸入有效的用戶密碼即可完成認證。
如果當前系統採用的是oauth2.0認證方式,需同時指定Docket的securitySchemes屬性和securityContext屬性,添加如下代碼,注意ApiKey是SecurityScheme的一個子類。
private ApiKey apiKey() {
return new ApiKey("Bearer", "Authorization", "header");
}
private SecurityContext securityContext() {
return SecurityContext.builder().securityReferences(defaultAuth())
.forPaths(PathSelectors.any()).build();
}
private List<SecurityReference> defaultAuth() {
AuthorizationScope authorizationScope = new AuthorizationScope(
"global", "accessEverything");
AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
authorizationScopes[0] = authorizationScope;
return Arrays.asList(new SecurityReference("Bearer",
authorizationScopes));
}
然後在build()後面添加:
.securitySchemes(Lists.newArrayList(apiKey()))
.securityContexts(Arrays.asList(securityContext()));
重啓後臺,打開swagger-ui.html,右上角會多一個Authorization按鈕,點擊會出現Bearer token輸入框:
value框輸入Bearer+空格+你通過oauth2獲取的accessToken,即可完成認證。